2020 Predictions for Cybercrime and Cyber Fraud

This is our first annual roundup of expert predictions for the coming year. Here’s what leading industry figures have to say about cybercrime and cyber fraud in 2020.

• Cybercriminals will target highly regulated industries that have higher potential payouts: It is reported that social security numbers are sold on the dark web for $1 and credit card information can be sold for up to $110. But Experian reports full medical records can command up to $1,000 because they’re an identity thief’s dream: date of birth, place of birth, credit card details, Social Security number, address, and emails. Because of this, fraudsters will extend beyond the common account takeover attacks we often see in the news and go after more lucrative industries like SMBs, healthcare, financial services, government agencies, higher education and energy. Many of these industries lack the IT resources and skills to adequately defend their organizations against sophisticated attacks and represent ripe targets in terms of the type of data that can be compromised. Once compromised, the data can be weaponized by cyber criminals to impersonate just about anyone – making them high profile targets for fraudsters. – Robert Prigge, President of Jumio

• Criminals will have an increased ability to infect devices that were previously considered safer than “traditional” networks and servers – most notably mobile devices. As a consequence, this will escalate financial cybercrime because the technology will allow for easier penetration and takeover of mobile operating systems such as Android and iOS.  – ThetaRay CEO Mark Gazit

• Web skimmers will broaden their impact by going after more e-commerce platforms and plugins – beyond Magento. Looking at web skimming activity, there is no target too big to take on, and no platform will be spared. – Malwarebytes Labs

• Fraud will continue to fund terrorism in 2020, we will see an increase of fraud and cyber attacks being used to fund terrorism around the globe. As we increase our level of insight into the interconnected fraud and organized crime ecosystem, we will uncover more and more cases where proceeds from fraud rings are directly and indirectly bankrolling terrorist activity. – Arkose Labs CEO, Kevin Gosschalk

• The social media revolution will (continue to) be weaponized fraudulent activity and computational propaganda will play a major role in the increasingly polarized political landscape across the globe and in the US presidential election. Election meddling attempts will lead to widespread abuse on social and communication platforms, leveraging sophisticated bots to disseminate misinformation at scale. This will also play out in at the business level. – Arkose Labs CEO, Kevin Gosschalk

• The healthcare industry will heavily invest in fraud prevention strategies as cybercriminals zone in on more lucrative breach targets: The healthcare industry has long been the number one target of cyberattacks, exposing tens of millions of customers’ identities around the world, costing more than $1 billion USD in losses. Moreover, the number of exposed records more than doubled year-over-year, from about 5.1 million records in 2017 to 13.2 million records in in 2018. And yet, only 33 percent of the industry has taken the preventative measure of protecting themselves properly. Considering the rise in healthcare fraud and ransomware, as well as the industry’s shift towards self-service and telemedicine, it will be more important than ever to know your patient is who they say they are in order to avoid catastrophic impact. Diligence around KYP (know your patient) initiatives will be at the forefront of all healthcare interactions as a first line of defense against high value fraud attempts and a means of ensuring patient safety and trust. – Robert Prigge, President ofJumio

• Forget Game of Thrones: New geographical hubs will emerge in the Game of Fraud:  The impact of social unrest and regional economic strain will lead to shifts in the levels of fraud originating from certain regions worldwide. Southeast Asia will continue to be a major hub for fraud, alongside a rise in the incentive levels among individuals in South American countries who have been caught up in recent political and economic turmoil. –Arkose Labs CEO, Kevin Gosschalk

• Today’s concept of digital identities will be its inevitable downfall: Digital identities have been corrupted at scale and fraudsters have become skilled at bypassing fraud detection systems using their knowledge of the parameters used by organizations. This will lead to many businesses reassessing their fraud prevention strategies, as they deal with the growing ‘gray area’ between trusted behavior and that recognized as fraudulent. –Arkose Labs CEO, Kevin Gosschalk

• “The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men.”: This famous Pulp Fiction quote crystallizes 2020 – A new level of complexity in fraud orchestration. Fraudsters are playing the long game when it comes to fraud, taking the time to organize sophisticated attacks that do not initially reveal their fraudulent intent. Multi-step attacks mean that the monetization opportunity for a fraudster is not always apparent, making them significantly harder to detect and requiring organizations to carry out more sophisticated anomaly detection across the entire customer journey. –Arkose Labs CEO, Kevin Gosschalk

• One and done: There will be a rise in single request attacks: Fraudsters will leverage next-generation tools to masquerade as legitimate consumers, using single request attacks to obfuscate digital identifiers such as IP address and device fingerprints. We will see more and more attacks that do not display traditional tell-tale signs of being connected to fraud – requiring more robust authentication steps to protect businesses from fraud. Arkose Labs CEO, Kevin Gosschalk

Photo Credit: reshetbty Flickr via Compfight cc